db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <Richard.Hille...@Sun.COM>
Subject Re: Starting the derby sever with ssl
Date Mon, 03 Nov 2008 16:37:41 GMT
Hi Reda,

The documentation on Derby's security features is scattered and hard to 
follow. You will find more information on how to configure SSL in the 
Derby Server and Administration Guide in a section titled "Network 
encryption and authentication with SSL/TLS". You will probably want to 
set several startup options. Something like the following:

java -Djavax.net.ssl.keyStore=serverKeyStore.key \
     -Djavax.net.ssl.keyStorePassword=qwerty \
     -Djavax.net.ssl.trustStore=serverTrustStore.key \
     -Djavax.net.ssl.trustStorePassword=qwerty \
     -jar derbyrun.jar server start -ssl peerAuthentication

More examples of how to configure Derby's SSL support can be found in 
the security white paper located here: 

Hope this helps,

Reda Jazouli wrote:
> Hi, 
> As mentioned in the Derby tuning guide, its possible to start the derby
> server in the way that is accepts only ssl connections.
> Its only required to give at startup a java keystore and a the keystores
> password.
> My question is, how does the server know wich key is to use from the given
> keystore ?? 
> I thought that there is a java property that has to be set before startup
> and that indicates wich key from the given keystore, has to be used.
> Thanks im advance.
> Reda

View raw message